Making Sense of Large-scale Cyber Incidents : International Cybersecurity Beyond Threat-based Security Perspectives

Sammanfattning: Large-scale cyber incidents have figured prominently in securitizing speech acts over the last decade. This thesis demonstrates how conceptualizations of cybersecurity as a public security problem connects to and shapes cybersecurity governance in national and international settings. It explores how theoretical lenses drawn from the securitization, riskification, crisis and socio-technical systems literatures can improve our understanding of the phenomena of large-scale cyber incidents, and how such incidents are interpreted by key actors. The thesis includes four articles comprising case studies which utilize in-depth interviews, text analysis and discourse analysis. The findings reveal a steady development towards an increasingly threat-based security logic in both national and international cyber policy settings. The case studies also highlight the volatile nature of malware proliferation, the tendency of collateral damage from directed cyberattacks, the transboundary characteristics of large-scale cyber incidents, and the central role of civil contingencies actors and the private sector in cybersecurity governance. The implications of these findings are discussed in relation to the increasing securitization and militarization of cyberspace. Overall, this thesis contributes to our understanding of how cybersecurity is constructed as a security problem in theory and practice, and it employs analytical approaches which facilitate the exploration of international cybersecurity along more than just traditional ‘hard’ security lines.